Oct 26, 2020 | Misconfiguration, Pentesting, Security, Vulnerabilities
While working with a client, VDA engineers encountered an interesting circumstance that allowed for the bypassing of Multi-factor Authentication for users that had already set this up on their accounts. This particular misconfiguration/vulnerability was possible due...
Jul 27, 2020 | Auditing, Forensics, Incident Response, Malware Analysis
All of Your Data are Belong To Us: The Art of Imaging and Analysis VDA labs is brought into many different types of situation where a client may want imaging and analysis. From diagnosing patient zero during a malware outbreaks to employee espionage taking system...
Jun 12, 2020 | Cybersecurity Awareness Training
Business Email Compromise (BEC) and other forms of social engineering attacks, which often lead to events like ransomware and data theft, are the number one threats companies face today. We know because we conduct incident response. Organizations need all staff to...
May 8, 2020 | AppSec, Pentesting, Security, Tool Development
Part of our internal mentoring and training culture at VDA includes Lunch and Learn events where engineers share helpful information about a relevant security topic. This past week, several of us discussed our favorite BurpSuite extensions, which are helpful additions...
Mar 25, 2020 | Graylog, Logging
No More Secrets: Logging Made Easy Through Graylog Part 7 Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer...
Mar 13, 2020 | Graylog, IIS, Logging
No More Secrets: Logging Made Easy Through Graylog Part 6 Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer...
Mar 9, 2020 | Graylog, Logging, Security
No More Secrets: Logging Made Easy Through Graylog Part 5 Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a longer...
Mar 2, 2020 | Graylog, Logging, Security
No More Secrets: Logging Made Easy Through Graylog Part 4 Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a...
Feb 26, 2020 | Graylog, Logging, Security
No More Secrets: Logging Made Easy Through Graylog Part 3 Logging is a important but often overlooked part of an organization’s security posture. Logging without organization, searchability, or reporting leads to data being missed. This a continuation of a...